endpointcreds

package
v0.23.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 25, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

Package endpointcreds provides support for retrieving credentials from an arbitrary HTTP endpoint.

The credentials endpoint Provider can receive both static and refreshable credentials that will expire. Credentials are static when an "Expiration" value is not provided in the endpoint's response.

Static credentials will never expire once they have been retrieved. The format of the static credentials response:

{
    "AccessKeyId" : "MUA...",
    "SecretAccessKey" : "/7PC5om....",
}

Refreshable credentials will expire within the "ExpiryWindow" of the Expiration value in the response. The format of the refreshable credentials response:

{
    "AccessKeyId" : "MUA...",
    "SecretAccessKey" : "/7PC5om....",
    "Token" : "AQoDY....=",
    "Expiration" : "2016-02-25T06:03:31Z"
}

Errors should be returned in the following format and only returned with 400 or 500 HTTP status codes.

{
    "code": "ErrorCode",
    "message": "Helpful error message."
}

Index

Constants

View Source
const ProviderName = `CredentialsEndpointProvider`

ProviderName is the name of the credentials provider.

Variables

This section is empty.

Functions

This section is empty.

Types

type Provider

type Provider struct {
	aws.SafeCredentialsProvider
	// contains filtered or unexported fields
}

Provider satisfies the aws.CredentialsProvider interface, and is a client to retrieve credentials from an arbitrary endpoint.

func New

func New(cfg aws.Config, options ...func(*ProviderOptions)) *Provider

New returns a credentials Provider for retrieving AWS credentials from arbitrary endpoint.

type ProviderOptions added in v0.23.2

type ProviderOptions struct {
	// ExpiryWindow will allow the credentials to trigger refreshing prior to
	// the credentials actually expiring. This is beneficial so race conditions
	// with expiring credentials do not cause request to fail unexpectedly
	// due to ExpiredTokenException exceptions.
	//
	// So a ExpiryWindow of 10s would cause calls to IsExpired() to return true
	// 10 seconds before the credentials are actually expired.
	//
	// If ExpiryWindow is 0 or less it will be ignored.
	ExpiryWindow time.Duration

	// Optional authorization token value if set will be used as the value of
	// the Authorization header of the endpoint credential request.
	AuthorizationToken string
}

ProviderOptions is structure of configurable options for Provider

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL